net: don't record/verify UDP sequence numbers if buffer is too small

This causes a bunch of out-of-bounds accesses if you have really small buffer
sizes (i.e. 16 bytes will crash).

Signed-off-by: Steven Noonan <steven@uplinklabs.net>
Signed-off-by: Jens Axboe <axboe@fb.com>

diff --git a/engines/net.c b/engines/net.c
index 7a0fe696c1b81c7ff0dba9539387a0f16c5d7bdb..cd19535294a083eff56c97036aef75f8c4615541 100644 (file)
--- a/engines/net.c
+++ b/engines/net.c
@@ -484,6 +484,9 @@ static void store_udp_seq(struct netio_data *nd, struct io_u *io_u)
 {
        struct udp_seq *us;
 
+       if (io_u->xfer_buflen < sizeof(*us))
+               return;
+
        us = io_u->xfer_buf + io_u->xfer_buflen - sizeof(*us);
        us->magic = cpu_to_le64((uint64_t) FIO_UDP_SEQ_MAGIC);
        us->bs = cpu_to_le64((uint64_t) io_u->xfer_buflen);
@@ -496,6 +499,9 @@ static void verify_udp_seq(struct thread_data *td, struct netio_data *nd,
        struct udp_seq *us;
        uint64_t seq;
 
+       if (io_u->xfer_buflen < sizeof(*us))
+               return;
+
        if (nd->seq_off)
                return;